<?php

class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {

    private $acl = null;
    private $auth = null;

    public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
        $this->acl = $acl;
        $this->auth = $auth;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request) {
        //avant exec de toutes actions
        $ressource = $request->getControllerName();
        $action = $request->getActionName();
        if (Zend_Auth::getInstance()->hasIdentity()) {
            $identity = $this->auth->getStorage()->read();
            $role = $identity->role;
            if (!$this->acl->isAllowed($role, $ressource, $action)) { //permission non accordee
                $request->setControllerName('authentication');
                $request->setActionName('login');
            }
        } else {
            $request->setControllerName('authentication');
            $request->setActionName('login');
        }
    }

}

?>
